Yes, if anywhere it would be using Snort or Suricata with custom rules files.

Better to ask in the IDS/IPS section for help with that.

Steve

Great. Thanks for the update.

Steve

Gotcha! Thank you guys!

even after configuring the mini-box with the basic's the minnowboard to me is still the better buy .

since you have a switch already the extra ports on the minobox will be a waste..

my minnowboard has proven stable no way i personally would buy a knock off

UPDATE:

I have made a factory reset on the XG7100, created a VPN tunnel and now Rsync works without any issues.. So that points to something in my configuration.. I will try restore a backup I made before the reset and see how that goes.. I might otherwise have to do a step by step reconfiguration and see if I can find the issue

I also curious as to why you need 3 virtualized instances of PFsense.

I have moved this post to my correct original account https://forum.netgate.com/topic/139236/which-hardware-for-pfsense-should-i-choose-continued. Please do not post here.

@derelict

I say that's a constant regardless of what you do :)

@stephenw10 said in Packet Capture Causes GUI Error?:

I created a bug to track it: https://redmine.pfsense.org/issues/9239

Thanks for doing that-Great job of writing up!
(Not sure if its worth suggesting, but another possible solution might be to cut the output at some predefined number rather than none. Might also be easier to code as it wouldn't be necessary to create a "None" option. If you think the idea has merit please add to you report.)

Thanks again for creating the report!

@ssbarnea said in Where to put shell commands to run at login?:

I am not willing to ruin the uptime of the router by rebooting it for that, even if is my home-office one.

There is nothing to be proud about a high uptime. A high uptime only showcases that you're late with updates.

Hi

I wanted to ask about where to look at further. The workaround works and since then I have (for sole fun) tried to reproduce this on a fresh system with a main and a secondary virtual IP but have not been able to reproduce it.

It has been reproducible though on this particular setup that has been update from 2.0.3 via 2.3.5 to latest 2.4.4-p1.

@johnpoz said in 2 Newbie Questions on Network Architecture:

So when you do vlan X to Y on the same physical interface you have actually cut your bandwidth in half when devices on these different vlans are talking to each other.

It's not quite that simple. While both VLANs are on the same wire, the portion of bandwidth will depend on the traffic patterns. For example, with a large file transfer, most of the bandwidth will be used in one direction, with only a small amount in the other. Bear in mind, with full duplex, what happens in one direction does not affect the other, so when doing that file transfer, one VLAN will have most of it's traffic in one direction and the other VLAN, in the other direction.

Filebeat now can take syslog udp input and transport over tcp tls.
Use this install script i have made and just set pfsense to syslog to 127.0.0.1:9000

https://github.com/Noebas/pfsense-filebeat

I can confirm filebeat is not compatible with clog, but running trough syslog works fine for me.
Also the config includes snort and pfblockerng logging

@stephenw10
Happy new year!

Yes, the risks are negligeable. I won't lose a penny if the network fails and I can easily make it up and running. I don't expect it to fail often nor fail for a long time thanks to the USB failover, back up, hardware failover (cold backup with exact same laptop and same configuration), etc.

In any case, I just easily can shut down my PFsense router or DHCP server and switch the VLANs to switch the DHCP server to the WAN1 or WAN2. It isn't difficult.
Furthermore, my family all has 4G and can use it as hotspot... Android smartphones, moreover, switch to 4g automatically when the connection isn't stable. Thus that is not at all big deal.

Thanks,

I have redone all the setup configuration. This time, finally, I was able to reconnect to my VPN provider after a reboot.

Let's hope it stays that way.

I consider this thread to be solved. I appreciate all the inputs you guys have given me.

I opened another ticket here asking for help about redirecting DNS queries.

Mmm, I thought that. Seems like it should still be one layer 2...
But I'm seeing multiple references showing the opposite. As I'm reading it's setting static ARP that prevents them working correctly, hence mostly they just work.
I guess more research needed...

Steve

@marvosa the problem with using a SRV record is the client trying to use whatever service must use or ask for the SRV record or know to ask for it. Web browsers for example do not do this because of an old RFC.

@stephenw10 yep I was finally able to get it after interrupting the boot on both the install and initial boot.

Be aware that using ZFS in a virtual environment may have some unexpected behavior. ZFS is copy-on-write so it doesn't play well with thin provisioned storage, eventually it will take up the entire space allocated to its disk(s).